Smackdown: Consumer Privacy vs. Advertiser Revenue: Via CDT - Center for Democracy & Technology..

I attended Smackdown: Consumer Privacy vs. Advertiser Revenue and was expecting to hear good discussion about how advertising and targeting firms are battling with privacy groups to meet the needs of the consumer. I was a little disappointed in how little representation from the privacy end there was in the room. The panel opened with moderator Alan Chapell from BlueKai asking whom in the room represented the business side of consumer data and who was from the advocacy end. I was one of three people representing the advocacy end.

The talk began with defining what data they were talking about as panelists tiptoed around exactly what data is being taken by marketers and commented that nothing used is personally identifiable and is used to tailor a better online experience; however, the panel didn’t really discuss one of the most important questions of user data being used for marketing - how long this data is kept and stored?

Discussion from the panelists turned to how advertisers can adapt their industry practices and data practices in the changing legislative environment. The FTC’s public roundtables, in which CDT participated, were discussed as was legislation in Congress being proposed by Rep. Boucher. [ Read more ... ]

Major ISPs Help Fund BitTorrent User Tracking Research: Via Slashdot YRO.

An anonymous reader writes "I was scanning conference proceedings to come up with ideas for a reading group I run at my workplace, and I noticed an interesting paper from the new IEEE WIFS forensics conference. Researchers from the University of Colorado have published a technique for tracking BitTorrent users (PDF) by joining and actively probing torrent swarms using low-cost cloud computing services. They claim their methods allowed them to monitor the entire Pirate Bay torrent set for as little as $13/mo using EC2. But that's not even the interesting part. Their work appears to have been 'funded in part through gifts from PolyCipher' — a broadband ISP consortium. That's right; three major national ISPs funded this round of BitTorrent tracking research, not the MPAA/RIAA. Could this be evidence of ISP support for ACTA and a global three-strikes law?"

Read Original Article:(Via Slashdot.)

Redefining privacy in the era of personal genomics: Via Ars Technica.

DNA, the storage bank of genetic information for all living organisms, is challenging scientists and policy makers to reconsider the issue of privacy. With the completion of the human genome and advancements in DNA sequencing technologies, a person’s DNA can potentially be tested for risks related to a number of genetic diseases. This progress is promising for personalized medicine, but ethical and policy issues are coming to the forefront as well. After all, can DNA data ever be truly private and anonymous when DNA itself can also act as a unique identifier? [ Read more ... ]

Whistleblowing Can't Wait: Via Blog of Rights: Official Blog of the American Civil Liberties Union.

We ask a lot of whistleblowers. We ask them to stand up for what's right, and to sacrifice much along the way. They risk losing their jobs, alienating their friends, family, and coworkers, face lawsuits and threats to their personal safety.

Wednesday night, the Government Accountability Project (GAP) and Participant Media presented a panel discussion about the importance of government and corporate whistleblowers. The headliners: Frank Serpico, who exposed corruption inside the New York Police Department in 1970 (and was unforgettably portrayed by Al Pacino in the eponymous film); and Daniel Ellsberg, who leaked the Pentagon Papers to the New York Times in 1971, forever changing public opinion about the Vietnam War.

They were joined by more recent whistleblowers, including Kit Foshee, a former meat inspector who exposed that his company was adding ammonia to its ground beef, and Coleen Rowley, who called out the FBI's mishandling of early information it had about Zacarias Mossaoui. Many gave first-hand accounts of exposing corruption, lies and cover-ups, and how being a whistleblower has changed their lives. You can watch the entire panel discussion online . [ Read more ... ]

EFF Experts to Speak at FTC Privacy Roundtable: Via EFF.org Updates.

Berkeley, CA - On Thursday, January 28, the Federal Trade Commission (FTC) is hosting a day-long public roundtable in Berkeley, California, exploring the privacy challenges posted by new developments in technology. Three experts from the Electronic Frontier Foundation (EFF) are taking part.

Panels at Thursday's roundtable include "Technology and Privacy," where EFF Staff Technologist Peter Eckersley will discuss the arms race between tracking technologies and privacy-enhancing technologies. Also on the agenda is "Privacy Implications of Mobile Computing" with EFF Senior Staff Attorney Kevin Bankston addressing privacy issues of location-based services and "Technology and Policy" with EFF Senior Staff Attorney Lee Tien discussing how privacy can be designed into new products. Other panels will tackle social networking services and cloud computing.

For more information on attending the roundtable including a full agenda, visit http://www.ftc.gov/bcp/workshops/privacyroundtables/index.shtml [ Read more ... ]

Quantum Cryptography Cracked: Via Schneier on Security.

Impressive:

This presentation will show the first experimental implementation of an eavesdropper for quantum cryptosystem. Although quantum cryptography has been proven unconditionally secure, by exploiting physical imperfections (detector vulnerability) we have successfully built an intercept-resend attack and demonstrated eavesdropping under realistic conditions on an installed quantum key distribution line. The actual eavesdropping hardware we have built will be shown during the conference.

While I am very interested in quantum cryptography, I have never been optimistic about its practicality. And it's always interesting to see provably secure cryptosystems broken.

Read Original Article:(Via Schneier on Security.)

Schmidt tapped as White House cybersecurity coordinator: Via Computerworld Security News.

Seven months after he announced the creation of a White House cybersecurity coordinator, President Obama has selected industry veteran Howard Schmidt for the job, an administration official confirmed Monday night.

The official told CSOonline.com that the White House will make the announcement today.

"Cybersecurity is critical to both our national security and economic competitiveness, and the president wanted to ensure that the cybersecurity coordinator had the right mix of public and private sector experience," the official said. "After an extensive search, the president chose Schmidt because of his unique background and skill sets."

Schmidt has a long history in the IT security sector and has served in the White House before as vice chairman of the president's Critical Infrastructure Protection Board. [ Read more ... ]

Protecting OSs from RootKits: Via Schneier on Security.

Interesting research: "Countering Kernel Rootkits with Lightweight Hook Protection," by Zhi Wang, Xuxian Jiang, Weidong Cui, and and Peng Ning.

Abstract: Kernel rootkits have posed serious security threats due to their stealthy manner. To hide their presence and activities, many rootkits hijack control flows by modifying control data or hooks in the kernel space. A critical step towards eliminating rootkits is to protect such hooks from being hijacked. However, it remains a challenge because there exist a large number of widely-scattered kernel hooks and many of them could be dynamically allocated from kernel heap and co-located together with other kernel data. In addition, there is a lack of flexible commodity hardware support, leading to the socalled protection granularity gap ­ kernel hook protection requires byte-level granularity but commodity hardware only provides pagelevel protection. [ Read more ... ]

Bookmark/Search this post with:

• Twitter
• Digg
• StumbleUpon
• Technorati
• del.icio.us
• Facebook
• Furl
• LinkedIn
• Yahoo

“Social Networking: The Challenges of Privacy and Openness” Video: Via CDT - PolicyBeta.

CDT and TRUSTe recently hosted “Social Networking: The Challenges of Privacy and Openness,” a discussion in their continuing Internet Policy Series. A five-minute video recapping the highlights of the event can be found here.

Held on the Google Campus in Mountain View, CA, on Oct. 7, the discussion was moderated by Fred Vogelstein of Wired Magazine and included a potent lineup of speakers: Chris Conley, Technology and Civil Liberties Fellow at ACLU Northern California; David Glazer, Engineering Director at Google and Board member of OpenSocial Foundation; and Tim Sparapani, Director of Public Policy at Facebook.

The speakers discussed the tensions that exist between privacy and openness in a social networking environment that is primarily intended for people to share information.

The discussion touched on trust between users and social networking sites, new definitions of privacy in the social networking world, the continuing evolution of users’ privacy expectations, and the limitations of giving users granular control of their personal information.

Read Original Article:(Via CDT - PolicyBeta.)

IRISS Conference on Cybercrime in Ireland: Via IT Law in Ireland.

This promises to be a very interesting event:

IRISS Conference 2009

IRISS will hold its first annual conference on the 19th of November 2009 at the D4 Berkley Court hotel. This all day conference will focus on providing you with an overview of the current cyber threats facing businesses in Ireland and what you can do to help deal with those threats.

Experts on various aspects of cyber crime and cyber security will share their thoughts and experiences with you while a number of panel sessions will provide you with the opportunity to discuss the issues that matter to you most. There will be a number of expert speakers on cyber crime including [ Read more ... ]

Bookmark/Search this post with:

• Twitter
• Digg
• StumbleUpon
• Technorati
• del.icio.us
• Facebook
• Furl
• LinkedIn
• Yahoo

Events of Interest: FTC to Host Public Roundtables on Privacy (Dec. 7): Via Privacy Lives.

The Federal Trade Commission announced it willhold public roundtables to “explore the privacy challenges posed by the vast array of 21st century technology and business practices that collect and use consumer data.” The object of the roundtables “is to determine how best to protect consumer privacy while supporting beneficial uses of the information and technological innovation.” Here are the details of “Exploring Privacy: A Roundtable Series”: [...]

Read Original Article:(Via Privacy Lives.)

Call for papers - Privacy 2010 at Stanford - Intelligent Information Privacy Management Symposium: Via Laura S on Twitter.

Intelligent Information Privacy Management Symposium

March 23 - 25, 2010
CodeX: The Stanford Center of Computers and Law
Stanford University, USA

This symposium takes a transdisciplinary approach in its exploration of privacy management by drawing from the key areas of Law, Computer Science, Artificial Intelligence, and Business. It will focus on the need to develop effective information privacy management frameworks, tools and techniques by addressing the underlying tension between transparency and disclosure in the privacy versus business strategy arenas. There is a significant and growing need to identify privacy requirements in application development and to use intelligent technology-enabled solutions to assist users to monitor and manage their personal information in a more transparent proactive fashion. [ Read more ... ]

How To Hijack 'Every iPhone In The World': Via Forbes.com .

On Thursday, two researchers plan to reveal an unpatched iPhone bug that could virally infect phones via SMS.

If you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character, Charlie Miller would suggest you turn the device off. Quickly.

That small cipher will likely be your only warning that someone has taken advantage of a bug that Miller and his fellow cybersecurity researcher Collin Mulliner plan to publicize Thursday at the Black Hat cybersecurity conference in Las Vegas. Using a flaw they've found in the iPhone's handling of text messages, the researchers say they'll demonstrate how to send a series of mostly invisible SMS bursts that can give a hacker complete power over any of the smart phone's functions. That includes dialing the phone, visiting Web sites, turning on the device's camera and microphone and, most importantly, sending more text messages to further propagate a mass-gadget hijacking.

"This is serious. The only thing you can do to prevent it is turn off your phone," Miller told Forbes. "Someone could pretty quickly take over every iPhone in the world with this." [ Read more ... ]

ATM Vendor Halts Researcher’s Talk on Vulnerability: Via Threat Level.

An ATM vendor has succeeded in getting a security talk pulled from the upcoming Black Hat conference after a researcher announced he would demonstrate a vulnerability in the system.

Barnaby Jack, a researcher with Juniper Networks, was to present a demonstration showing how he could “jackpot” a popular ATM brand by exploiting a vulnerability in its software.

Jack was scheduled to present his talk at the upcoming Black Hat security conference being held in Las Vegas at the end of this month.

But on Monday evening, his employer released a statement saying it was canceling the talk due to the vendor’s intervention. [ Read more ... ]

Goals for CFP 2010 … your thoughts?: Via CFP 2009 Blog.

The next few weeks will be a little schizophrenic around here, as we wrap up CFP 2009 and start the planning for CFP 2010. For ideas about speakers or topics you’d like to see at the conference, please continue to use the CFP 2010 brainstorming thread. This thread is specifically for discussions about the goals.

Potential co-chair Elizabeth Stark and I came up with these as a first cut … what do others think? [ Read more ... ]

Welcome to Computers, Freedom, and Privacy 2009, the 19th annual CFP conference.

June 1-4, 2009, Washington DC Marvin Center at George Washington University, Third Floor

Please join us online via video and twitter [ Read more ... ]

Scholarships Now Available for EFF Bootcamp on May 11: Apply Now!: Via EFF.org Updates.

Thanks to the generosity of Google, we can now offer scholarships to individuals who wish to attend the EFF Bootcamp on User-Generated Content taught by EFF attorneys on May 11 at Golden Gate University School of Law in San Francisco.

If you would like to attend the bootcamp, but cannot afford the fee, send us a short note at bootcamp@eff.org, saying why a scholarship is appropriate for you. We'll make the decisions in early May. Sign up now!

The EFF Bootcamp will cover the following topic areas: [ Read more ... ]

Public Booted from DVD Copying Trial Over ‘Secret’ CSS Code: Via Threat Level.

AN FRANCISCO — Whether the public has a right to make a “fair use” copy of DVDs is on trial in a San Francisco federal court. Yet the public may never know whether the verdict was reached fairly because the presiding judge removed the press just as the nuts and bolts of the case was to be aired out.

U.S. District Judge Marilyn Hall Patel’s contempt for the media is widely known by the San Francisco tech press. Patel, a Carter appointee, presided over the Napster trial in one of the smallest courtrooms in the San Francisco federal building – despite unsuccessful press pleas that the high-profile case be moved to a substantially larger courtroom that perpetually sits vacant. Hence, many reporters were excluded for lack of space.

Fast forward to Friday. Patel excluded several reporters from the same courtroom in a case testing Hollywood’s lock on the DVD. The press, including Wired, CNET, Reuters, Bloomberg News Service, The New York Times and The Associated Press and other outlets were ordered removed as the guts of the case got underway. [ Read more ... ]

What Went Right in the Fight Against ‘Nuisance Adware’: Via CDT - PolicyBeta.

It’s significant that of all the major desktop advertising players (the others being Claria, WhenU and DirectRevenue), Zango was the last one standing.

With those words, Ken Smith the CEO of adware company Zango/180solutions signaled the end of an industry that consumers never wanted and the end of a company that CDT found to be engaging in unfair and deceptive practices, a claim substantiated by the company’s record $3 million settlement with the FTC 10 months later.

At the CDT Gala last month, FTC Chairman Leibowitz foreshadowed this development suggesting that this “iniquitous business model has been mostly eradicated.”

The adware companies always tried to take advantage of the worst practices of mainstream players on the Internet to create a new “gray area” to do business in where they could install software without proper notice or consent; pop up advertisements at users while they were on the Web; and keep users from being able to uninstall their software. [ Read more ... ]

DRM is Dead / Long Live DRM: A Call for Transparency in the Emerald City: Via Freedom to Tinker.

Obligatory disclaimer: I'm a student clinician in the Glushko-Samuelson Technology Law and Policy Clinic at the University of Colorado School of Law, and am, under the supervision of several law professors, representing Alex Halderman in the ongoing DMCA Anti-Circumvention Triennial Review. My opinions here are my own and not related to our representation of Alex, and don't necessarily reflect the opinions of the TLPC, CU, my professors, Alex, or anyone else. Finally, as Prof. Ohm likes to point out, I'm not a lawyer, and this isn't legal advice.

--

Reading Prof. Felten's post on "DRM in Retreat" earlier this year might have lead one to believe that DRM was getting ready to take a long walk off a short pier wearing concrete shoes. However, the DRM town hall meeting hosted by the Federal Trade Commission this week in Seattle quickly disabused all in attendance of such a notion. [ Read more ... ]

Researchers: cheap scanners can 'fingerprint' paper: Via Security | Macworld.

Think two blank sheets of paper are the same? Look closer.

Researchers at Princeton University and University College London say they can identify unique information, essentially like a fingerprint, from any sheet of paper using any reasonably good scanner. The technique could be used to crack down on counterfeiting or even keep track of confidential documents. The researchers’ paper on the finding is set to be presented at an IEEE (Institute of Electrical and Electronics Engineers) security conference in Oakland, California, next May. [ Read more ... ]

Experts Debate the Value of Breach Notification Laws: Via Wired: Threat Level.

When California passed the first data breach notification law in 2003, it quickly became the defacto standard for the rest of the country. A total of 44 states now have breach notification laws, which vary only slightly in their definitions of what constitutes a breach that requires notification and what companies must do when they experience a breach.

But are the laws doing any good?

This was the question that a number of speakers at the Security Breach Notification seminar held in Berkeley on Friday (at right) tried to answer. [ Read more ... ]

Getting Involved :: Triangle Center on Terrorism and Homeland Security:

Data Privacy Day 2009
Protecting National Security and Privacy
January 27, 2009 - Rhodes Conference Room - 4:00pm - 6:00pm
Terry Sanford Institute of Public Policy

Panelists: [ Read more ... ]

New CFP09 submission deadline: January 23 - Via CFP: Technology Policy '08:

In keeping with CFP traditions, the submission deadline has once again been extended. From Cindy Southworth and Jay Stanley's email today:

We have received many exciting proposals for CFP 2009, however there have been numerous requests for a few more days to submit proposals. We are happy to announce that we are extending the deadline to FRIDAY, JAN. 23rd.

So, if you've been thinking about sending something in ... please do! The submission page is here.

jon

PS: Also in keeping with CFP traditions, there have been delays in setting up the software, and the CFP09 blog isn't yet available. Stay tuned ...

(Read Original Article - Via CFP: Technology Policy '08.)

Feds note gaming DRM woes: FTC to hold town hall meeting - Via Ars Technica:

2008 may become known as the year of digital rights management, thanks in no small part to EA's bringing the issue front and center with Spore and the ensuing backlash. These days gamers want to know what kind of DRM a game employs before they make a purchase, and for many people the inclusion of SecuROM means a lost sale. All of the sound and fury surrounding the issue has gotten the attention of the Federal Trade Commission, and the government agency is planning on holding a town hall meeting devoted to the subject of DRM on March 25.  [ Read more ... ]